Comment 5 for bug 1879660

Frode Nordahl (fnordahl) wrote :

To elaborate a bit on what is involved here, as alluded to in #3, OVN's means of authentication is comprised of 1) checking the authenticity of the certificate chassis present combined with 2) checking that the CN in the certificate matches the FQDN of the connected chassis.

This in turn means that each individual chassis unit in a model requires a different certificate for successful operation of the cluster.

The ssl_* configuration options and the code associated with them were not designed for this. So we currently have no config-based approach to solving this problem for the OVN charms.